71 matches found
CVE-2023-29128
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1. The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacke...
CVE-2023-29106
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1. The export endpoint is accessible via REST API without authentication. This could allow an unauthenticated remote attacker to download the files available via the endpoint...
CVE-2023-29103
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1, SIMATIC Cloud Connect 7 CC716 All versions V2.1. The affected device uses a hard-coded password to protect the diagnostic files. This could allow an authenticated attacker to access protected dat...
CVE-2023-29107
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1. The export endpoint discloses some undocumented files. This could allow an unauthenticated remote attacker to gain access to additional information resources...
EUVD-2023-32464
Malicious code in bioql PyPI...
EUVD-2023-32706
Malicious code in bioql PyPI...
EUVD-2023-32707
Malicious code in bioql PyPI...
EUVD-2023-32708
Malicious code in bioql PyPI...
EUVD-2023-32709
Malicious code in bioql PyPI...
EUVD-2023-32731
Malicious code in bioql PyPI...
EUVD-2023-32710
Malicious code in bioql PyPI...
CVE-2023-29105
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1, SIMATIC Cloud Connect 7 CC716 All versions V2.1. The affected device is vulnerable to a denial of service while parsing a random non-JSON MQTT payload. This could allow an attacker who can...
CVE-2023-29104
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1. The filename in the upload feature of the web based management of the affected device is susceptible to a path traversal vulnerability. This could allow an authenticated privileged remote attacke...
CVE-2023-28832
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1. The web based management of affected devices does not properly validate user input, making it susceptible to command injection. This could allow an authenticated privileged remote attacker to...
SIMATIC Cloud Connect 输入验证错误漏洞
SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices with an OPC UA server interface to be connected as OPC UA clients.SIMATIC Drive Controllers are designed for the automation of production machines and combine the...
Siemens SIMATIC Cloud Connect 7 Path Traversal Vulnerability
SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices with OPC UA server interfaces to be connected as OPC UA clients. A path traversal vulnerability exists in Siemens SIMATIC Cloud Connect 7, which can be exploited by a...
Siemens SIMATIC Cloud Connect 7 Denial of Service Vulnerability
SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices with OPC UA server interfaces to be connected as OPC UA clients. A denial of service vulnerability exists in Siemens SIMATIC Cloud Connect 7, which can be exploited b...
Siemens SIMATIC Cloud Connect 7 Information Disclosure Vulnerability
SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices with OPC UA server interfaces to be connected as OPC UA clients. An information disclosure vulnerability exists in Siemens SIMATIC Cloud Connect 7, which can be...
CVE-2023-29106
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1. The export endpoint is accessible via REST API without authentication. This could allow an unauthenticated remote attacker to download the files available via the endpoint...
CVE-2023-29107
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1. The export endpoint discloses some undocumented files. This could allow an unauthenticated remote attacker to gain access to additional information resources...